Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
open redirect vulnerabilities and exploits
(subscribe to this query)
5.3
CVE-2022-37311
OX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large location request parameter to the redirect servlet....
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.10.5
Open-xchange Open-xchange Appsuite 7.10.6
5.3
CVE-2022-37312
OX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large request body containing a redirect URL to the deferrer servlet....
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.10.5
Open-xchange Open-xchange Appsuite 7.10.6
NA
CVE-2013-2582
CRLF injection vulnerability in the redirect servlet in Open-Xchange AppSuite and Server before 6.22.0 rev15, 6.22.1 before rev17, 7.0.1 before rev6, and 7.0.2 before rev7 allows remote attackers to inject arbitrary HTTP headers and conduct open redirect attacks by leveraging...
Open-xchange Open-xchange Appsuite 6.22.0
Open-xchange Open-xchange Appsuite 6.22.1
Open-xchange Open-xchange Appsuite 7.0.1
Open-xchange Open-xchange Appsuite 7.0.2
Open-xchange Open-xchange Server 6.22.1
Open-xchange Open-xchange Server 7.0.1
Open-xchange Open-xchange Server 6.22.0
Open-xchange Open-xchange Server 7.0.2
NA
CVE-2013-1647
Multiple CRLF injection vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted parameter, as demonstrated by (1)...
Open-xchange Open-xchange Server 6.22.1
Open-xchange Open-xchange Server 6.22.0
Open-xchange Open-xchange Server 6.20.7
1 EDB exploit available
6.1
CVSSv3
CVE-2018-8937
An issue was discovered in Open-AudIT Professional 2.1. It is possible to inject a malicious payload in the redirect_url parameter to the /login URI to trigger an open redirect. A "data:text/html;base64," payload can be used with JavaScript code....
Open-audit Open-audit 2.1
6.1
CVSSv3
CVE-2022-31040
Open Forms is an application for creating and publishing smart forms. Prior to versions 1.0.9 and 1.1.1, the cookie consent page in Open Forms contains an open redirect by injecting a `referer` querystring parameter and failing to validate the value. A malicious actor is able to...
Maykinmedia Open Forms
Maykinmedia Open Forms 1.10
7.4
CVSSv3
CVE-2016-3174
An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. The "defer" servlet offers to redirect a client to a specified URL. Since some checks were missing, arbitrary URLs could be provided as redirection target. Users can be tricked to follow a link to...
Open-xchange Open-xchange Appsuite
6.1
CVSSv3
CVE-2020-13565
An open redirect vulnerability exists in the return_page redirection functionality of phpGACL 3.3.7, OpenEMR 5.0.2 and OpenEMR development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). A specially crafted HTTP request can redirect users to an arbitrary URL. An...
Open-emr Openemr 5.0.2
Phpgacl Project Phpgacl 3.3.7
6.1
CVSSv3
CVE-2018-14381
Pagekit before 1.0.14 has a /user/login?redirect= open redirect vulnerability....
Pagekit Pagekit
6.1
CVSSv3
CVE-2014-3652
JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL....
Redhat Keycloak 1.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
arbitrary
CVE-2023-6514
CVE-2023-45285
CVE-2023-42917
validation
log injection
CVE-2023-36655
CVE-2023-48849
CVE-2023-23397
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »